Security professionals don't have secure mobile habits
Posted on 04 April 2013.
Security professionals have embraced BYOD and they’re taking “anytime, anywhere” access to some pretty interesting locations according a new survey by Ping Identity. Most also admit to employing poor password security practices.

The survey, based on 198 responses from attendees at RSA Conference 2013, sought to discover how work habits are changing as a result of cloud and mobile enterprise trends. The results show:

A tablet-powered workforce is real:
  • Fifty five percent of security professionals say they use a tablet for work
  • 45 percent of respondents stated that they use a tablet over their laptops or PCs for work purposes more than 25 percent of the time
  • When asked how many times per day they logged onto a work application from a mobile device, 49 percent of respondents logged in 10 or more times a day.
Even security professionals have bad password security habits:
  • 83 percent of respondents use the same password across multiple applications – violating a password security best practice
  • Discounting email and calendar apps, 59 percent of respondents have 3 or more apps on their mobile device that are considered core to their job. Twenty five percent have 5 or more apps that are core to their job.
Respondents were asked to list the most unusual or remote place where they logged into a work app. Nightclubs, aboard sailboats, on top of mountains, at the beach, and at theme parks were among the more common locations. Not surprisingly, ‘the bathroom’ was the most common answer, cited by 21 percent of respondents.


More than 900 embedded devices share hard-coded certs, SSH host keys

SEC Consult analyzed firmware images of more than 4000 embedded devices of over 70 vendors and found that, in some cases, there are nearly half a million devices on the web using the same certificate.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Nov 30th